SaaSHub helps you find the best software and product alternatives Learn more →
Amazon-eks-pod-identity-webhook Alternatives
Similar projects and alternatives to amazon-eks-pod-identity-webhook
-
external-dns
Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a better amazon-eks-pod-identity-webhook alternative or higher similarity.
amazon-eks-pod-identity-webhook reviews and mentions
Posts with mentions or reviews of amazon-eks-pod-identity-webhook.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-05-04.
-
Grant Kubernetes Pods Access to AWS Services Using OpenID Connect
Its not specific to EKS, you can find the underlying webhook that injects the "identity" here: https://github.com/aws/amazon-eks-pod-identity-webhook
You have to jump through much of the same hoops you describe, having a public `.well-known` endpoint for example. I have achieved this in the past by putting the OIDC discovery information in an S3 bucket.
-
k3s on AWS,does it make sense?
You can install the pod identity webhook and AWS cloud provider, csi provider etc on a bare kube cluster and get pretty close to the EKS experience. Not something I’d do for prod, but interesting as a learning exercise.
-
IAM roles for pods in external k8s cluster
Yes you absolutely can. https://github.com/aws/amazon-eks-pod-identity-webhook/blob/master/SELF_HOSTED_SETUP.md
-
Unable to read token file , permission denied
Is your pod running as an unprivileged user? Sounds like https://github.com/aws/amazon-eks-pod-identity-webhook/issues/8 to me.
-
Zero-configuration IRSA on kOps
On EKS, the pod identity webhook is commonly used as the mechanism for adding the necessary parts of the Pod spec. This webhook looks for ServiceAccounts with a specific set of annotations telling it what ARN it can assume and various other settings. When a Pod is created that uses one of these ServiceAccounts, the webhook mutates the Pod using information found in the ServiceAccount annotations.
-
Using IAM Roles for ServiceAccounts on kOps
If you prefer, you could create ServiceAccounts with these details and use the EKS identity webhook, but I don't see kOps supporting that webhook as a native addon.
-
[AWS-EFS][IAM] AWS EFS CSI instructions say to use a service account w/ IAM role association, but is it possible with KIAM instead?
The Amazon EKS Pod Identity Webhook on the cluster watches for pods that are associated with service accounts with this special annotation & injects Web Identity Token credentials into the pod as environment variables (technical details here).
-
Understanding AWS K8s architecture using EC2
I don’t know how KOPs manages IAM creds for pods these days, but you can use this (my recommendation) https://github.com/aws/amazon-eks-pod-identity-webhook, or something like KIAM or kube2iam
-
A note from our sponsor - SaaSHub
www.saashub.com | 29 Apr 2024
Stats
Basic amazon-eks-pod-identity-webhook repo stats
8
581
6.8
6 days ago
aws/amazon-eks-pod-identity-webhook is an open source project licensed under Apache License 2.0 which is an OSI approved license.
The primary programming language of amazon-eks-pod-identity-webhook is Go.
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com